arefone
asked on
Cisco VPN static-to-dynamic
Hi,
On my PIX v.8 I have already site to site vpns configured, and I have too remote access vpn configured, what I need to configure now is another vpn with a remote site with dynamic ip.
The remote site has Cisco 877 Router, on it, I already configured the crypto stuff and access list, but I don't know how to configure this new vpn on the PIX adding it to the others already configured.
Any help will be appreciated.
On my PIX v.8 I have already site to site vpns configured, and I have too remote access vpn configured, what I need to configure now is another vpn with a remote site with dynamic ip.
The remote site has Cisco 877 Router, on it, I already configured the crypto stuff and access list, but I don't know how to configure this new vpn on the PIX adding it to the others already configured.
Any help will be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I tried already that doc, it did not work, when I try to issue the command "tunnel-group DefaultL2LGroup general-attributes
authentication-server-grou p none" on the pix, it tells that no "authentication-server-gro up none" option available.
authentication-server-grou
Just dont use this option. The configuration described there is 100% working
ASKER
Sorry Fgasimzade, can you post me the configs I need to implement on my pix without having all the stuff I don't need so it helps better?
yessss.. configs and logs... will help
ASKER
with "tunnel-group DefaultL2LGroup ipsec-attributes" command on PIX it worked.
1. Use DynDNS to provide a static address even though your remote site changes.
http://dyn.com/dns/
2. If the remote IP address changes infrequently (not more frequently that once a year) then just use the address and change when needed. I use this approach for my home office site to site tunnels.
.... Thinkpads_User